Root-kits and spyware may be designed to avoid detection by security software executing in on a computer processor platform, to observe user activity, capture user data, perform circumvention of user actions, and other malicious activities.
Trusted platform modules (TPMs) may be used to authenticate an application or service and protect the application or service when executing from memory. TPMs may be implemented in accordance with a Trusted Computing Group Trusted Platform Module (TCG TPM) Specification, Version 1.2, published in October, 2003.
Modular boot logic, such as extensible firmware interface (EFI) boot modules, may be susceptible to malware in an operating environment. For example, EFI drivers and service applications may persist after transition to run-time environments, and operating system applications may call into pre-boot software. In addition, with EFI, entry points into code may be dynamically instantiated, and proprietary interfaces may exist. Malware in a host environment, and potential incompatibilities between third party drivers, may thus impact pre-boot software.
In the drawings, the leftmost digit(s) of a reference number identifies the drawing in which the reference number first appears.